<?php
	include 'connect.php';
	$message_ok = "";
	
	if ( isset($_POST['validProfil']) )
	{
	
		$first_name = $_POST['prenom'];
	$last_name = $_POST['nom'];
	$street = $_POST['rue'];
	$city = $_POST['ville'];
	$zip = $_POST['cp'];
	$phone = $_POST['phone'];
   
		$sql2 = ("UPDATE customer 
	SET first_name='".mysql_real_escape_string($first_name)."', 
		last_name='".mysql_real_escape_string($last_name)."',
		street='".mysql_real_escape_string($street)."' ,
		city='".mysql_real_escape_string($city)."',
		zip='".mysql_real_escape_string($zip)."',
		phone='".mysql_real_escape_string($phone)."' 
	WHERE user_name='".mysql_real_escape_string($_SESSION[logname])."'");
		mysql_query($sql2,$db) or die('impossible de modifier le profil'.mysql_error());
		updateDateUser($_SESSION['logname'],$table_name);
		
	}
	elseif (isset($_POST['validReseau']))
	{
	$ziki_url = $_POST['ziki_url'];
	$skype = $_POST['skype'];
	$linkedin = $_POST['linkedin'];
	$flickr = $_POST['pseudo_flickr'];
	$lien1 = $_POST['url_rss'];
	$lien2 = $_POST['url_2'];
	$lien3 = $_POST['url_3'];

	$sql2 = ("UPDATE customer 
	SET ziki_url='".mysql_real_escape_string($ziki_url)."', 
		skype='".mysql_real_escape_string($skype)."',
		linkedin='".mysql_real_escape_string($linkedin)."',
		pseudo_flickr='".mysql_real_escape_string($flickr)."' ,
		url_rss='".mysql_real_escape_string($lien1)."',
		url_2='".mysql_real_escape_string($lien2)."',
		url_3='".mysql_real_escape_string($lien3)."' 
	WHERE user_name='".mysql_real_escape_string($_SESSION[logname])."'");
		mysql_query($sql2,$db) or die('impossible de modifier le resume'.mysql_error());
		updateDateUser($_SESSION['logname'],$table_name);
	}
	elseif ( isset($_POST['modifEducation']) )
	{
		$sql = ("SELECT user_id FROM $table_name WHERE user_name='".mysql_real_escape_string($_SESSION['logname'])."'");
		$result = mysql_query($sql,$db);
		$user_id = mysql_fetch_array($result);
	
		$sql = ("DELETE FROM education WHERE user_id='".mysql_real_escape_string($user_id[0])."'");
		mysql_query($sql,$db);
	
			for ( $i=1; $i < 5; $i++ )
			{ 
				if ( $_POST["org_$i"] != "" )
				{
					$dtstart = $_POST["dtstart_$i"];
					$dtend = $_POST["dtend_$i"];
	
					$sql = ("INSERT INTO education VALUES('', '".mysql_real_escape_string($user_id[0])."', 
					'".mysql_real_escape_string($dtstart)."', 
					'".mysql_real_escape_string($dtend)."', 
					'".mysql_real_escape_string($_POST["org_$i"])."')");
	
					// updateDateUser($_SESSION['logname'],$table_name);
					mysql_query($sql) or die('coucou'.mysql_error());
	
				}
			}
	}
	elseif ( isset($_POST['modifExppro']) )
	{
	$sql = ("SELECT user_id FROM $table_name WHERE user_name='".mysql_real_escape_string($_SESSION['logname'])."'");
$result = mysql_query($sql,$db);
$user_id = mysql_fetch_array($result);

$sql = ("DELETE FROM exppro WHERE user_id='".mysql_real_escape_string($user_id[0])."'");
mysql_query($sql,$db);

	for ( $i=1; $i < 5; $i++ )
	{ 
		if ( $_POST["titre_$i"] != "" )
		{
			$dtstart = $_POST["dtstart_$i"];
			$dtend = $_POST["dtend_$i"];
			$summary = $_POST["summary_$i"];
			$titre = $_POST["titre_$i"];
			$employeur = $_POST["employeur_$i"];
			$location = $_POST["location_$i"];

			$sql = ("INSERT INTO exppro VALUES('', 
			'".mysql_real_escape_string($user_id[0])."', 
			'".mysql_real_escape_string($employeur)."', 
			'".mysql_real_escape_string($titre)."', 
			'".mysql_real_escape_string($location)."', 
			'".mysql_real_escape_string($dtstart)."',
			'".mysql_real_escape_string($dtend)."', 
			'".mysql_real_escape_string($summary)."')");

			// updateDateUser($_SESSION['logname'],$table_name);
			mysql_query($sql) or die(mysql_error());

		}
	}
	
	
	}

?>